Theses patterns are related to Toata Scanner, an Web scanner specialized in Web applications discovery. Originally this Web scanner was targeting Roundcube Webmail installation files in order to exploit CVE-2008-5619. You can see with theses logs samples that Toata is no more only targeting Roundcube, but is also used to detect installation of e107, for example. We have publish yesterday (24 Mai 2010) an security alert regarding e107, toata is surely using a google dorking feature to find his target.